Manage Step Up Verification

Prev Next

1. Change Tenant Step-Up Authentication Configuration Settings

This POST method is used to change the step-up authentication configuration settings.

Note:
Only the tenant administrator can execute this API.

POST{{url}}/api/step-up/configuration

Request Parameters

The request parameters used in this method are shown in the following table:

ParameterDescriptionData TypeRequired

validationWindow

The validation time window in which the last Step Up authentication completion is valid before prompting to step up again for Step Up policy conditions with always prompt disabled (false). This time duration is specified in minutes. Default value:30 

Integer

Mandatory


completedCookieMaxAge		How long in seconds the completion ID cookie is valid for Step Up policy conditions with always prompt enabled (true). Default value: 5 seconds.Integer

Mandatory

totpConfiguration/hash functionThe hash function/algorithm used to generate the TOTP. Default value: SHA1String

Mandatory

totpConfiguration/digitsThe number of digits generated for the TOTP. Default value: 6 digitsInteger

Mandatory

totpConfiguration/timeStepTime window in seconds the TOTP is valid before the next TOTP is generated.Integer

Mandatory

Request Example

curl --location '{{url}}/api/step-up/configuration' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data '{
  "validationWindow": "<integer>",
  "completedCookieMaxAge": "<integer>",
  "totpConfiguration": {
    "hashFunction": "SHA1",
    "digits": "<integer>",
    "timeStep": "<integer>"
  }
}'

Response Example

Status: 200 OK

{
  "validationWindow" : 19,
  "completedCookieMaxAge" : 5,
  "totpConfiguration" : {
    "hashFunction" : "SHA1",
    "digits" : 6,
    "timeStep" : 30
  }


2. Retrieve Tenant Step-Up Authentication Configuration Settings

This GET method is used to retrieve the Step Up authentication configuration settings.

GET{{url}}/api/step-up/configuration

Request Example

curl --location '{{url}}/api/step-up/configuration' \
--header 'Accept: application/json'

Response Example

{
  "validationWindow" : 19,
  "completedCookieMaxAge" : 5,
  "totpConfiguration" : {
    "hashFunction" : "SHA1",
    "digits" : 6,
    "timeStep" : 30
  }